Hello there!

It has been a while since our last update, but it’s about time to address the elephant in the room: downtimes. Lemmy.World has been having multiple downtimes a day for quite a while now. And we want to take the time to address some of the concerns and misconceptions that have been spread in chatrooms, memes and various comments in Lemmy communities.

So let’s go over some of these misconceptions together.

“Lemmy.World is too big and that is bad for the fediverse”.

While it is true that we are the biggest Lemmy instance, we are far from the biggest in the Fediverse. If you want actual numbers you can have a look here: https://fedidb.org/network

The entire Lemmy fediverse is still in its infancy and, even though we don’t like to compare ourselves to Reddit, it gives you something comparable. The total number of Lemmy users on all instances combined is currently 444,876, which is still nothing compared to a medium-sized subreddit. There are some points that can be made that it is better to spread the load of users and communities across other instances, but let us make it clear that this is not a technical problem.

And even in a decentralised system, there will always be bigger and smaller blocks within; such would be the nature of any platform looking to be shaped by its members. 

“Lemmy.World should close down registrations”

Lemmy.World is being linked in a number of Reddit subreddits and in Lemmy apps. Imagine if new users land here and have no way to sign up. We have to assume that most new users have no information on how the Fediverse works, and making them read a full page of what’s what would scare a lot of those people off. They probably wouldn’t even take the time to read why registrations were closed; they would move on and not join the Fediverse at all. What we want to do, however, is inform users before they sign up, without closing registrations. The option is already built into Lemmy but only available on Lemmy.ml, so a ticket was created with the development team to make it available to other instance admins. Here is the post on the Lemmy GitHub.

Which brings us to the third point:

“Lemmy.World can not handle the load, that’s why the server is down all the time”

This is simply not true. There are no financial issues with upgrading the hardware, should that be required; but that is not the solution to this problem.

The problem is that for a couple of hours every day we are under a DDoS attack. It is a never-ending game of whack-a-mole: we close one attack vector and they start using another. Without going into too much detail or exposing too much, there are some very ‘expensive’ SQL queries in Lemmy, that is, actions or features whose queries take seconds instead of milliseconds to execute. Each such request is an ordinary API call, but executing them by the thousand per minute is enough to overload the database server.

So who is attacking us? One thing that is clear is that those responsible for these attacks know the ins and outs of Lemmy. They know which database requests are the most taxing and they are always quick to find another as soon as we close one off. That is one of the few things we know for sure about our attackers. Being the biggest instance and having defederated from a couple of instances has made us a target.

“Why do they need another sysop who works for free”

Everyone involved with LW works as a volunteer. The money that is donated goes to operational costs only - so hardware and infrastructure. And while we understand that working as a volunteer is not for everyone, nobody is forcing anyone to do anything. As a volunteer you decide how much of your free time you are willing to spend on this project, a service that is also being provided for free.

We will leave this thread pinned locally for a while and we will try to reply to genuine questions or concerns as soon as we can.

  • kadu@lemmy.world · +19 · 1 year ago

    What I find most ridiculous about people claiming lemmy.world is too big and therefore bad for the Fediverse is simply… Have you people wondered why it got so big?

    During the crucial first weeks of the Reddit migration, the single time period with the most chance of bringing new users, pretty much all larger Lemmy instances closed their registrations - they couldn’t handle the influx. Other big ones decided to immediately defederate everybody, they were afraid of having to moderate content. And a few did remain open and federated, but they were also extremely niche and focused on their own political side of the spectrum.

    Lemmy.world however remained open, remained with active admins that helped the first moderators, and kept upgrading the server at a very fast rate - you might forget it now, but Lemmy was massively slow and frustrating and then a new Lemmy.world update would drop and it would feel like a different website.

    So yeah, “bad for the Fediverse” for being the only instance that kept up with the demand at the most necessary time.

    Thanks Lemmy.world team.

    • Capt. Wolf@lemmy.world · 0 · edited · 1 year ago

      I’m convinced now that people saying something is “Bad for the fediverse” is just their ignorance and xenophobia showing.

      Look at the shitposting or lemmy memes going around and you’ll see a lot of people are actually afraid of users coming from reddit and spoiling the experience here.

      I’m sure others don’t want us growing because, consciously or unconsciously, they won’t have as much traction or get as much attention. More people means you have less of a voice.

      We can’t argue about federation on the net, avoiding corporate control, or whatever while sticking our hand out and stopping people from joining. It just doesn’t work that way.

      People complaining about the size of a social media platform are missing the point of a social media platform…

      • antonim@lemmy.world · 0 · 1 year ago

        This is the first time in my life I’ve seen dislike of the userbase of another site called ‘xenophobia’.

        Especially weird since 90% of Lemmy is fresh off reddit themselves.

        Personally I just don’t want the shitty aspects of the reddit community seeping over here. It’s a fact that the reddit userbase has been facebookised, to the degree where I frequently see people who are outright stupid (repeatedly posting threads to wrong subreddits, ignoring mod messages, unable to comprehend basic English… stuff that I’d expect to see on Facebook and not reddit), or focused on memes and quips to the point where any discussion is flooded with such moronic content. There are still (at least) tens of thousands of people on reddit who I’m sure would be great contributors on Lemmy too if they decide to switch, and I hope they will. But I don’t want all of reddit here. Is that really so bad, to not want to look at unfiltered normie crap? Reddit was good (if it ever was good) precisely because it was a bit elitist in its design and its culture.

        We can’t argue about federation on the net, avoiding corporate control, or whatever while sticking our hand out and stopping people from joining.

        Maybe people can join somewhere else too? Make a Fediverse equivalent of Facebook/Instagram or something. Lemmy is not all of Fediverse and doesn’t have to be for everyone.

        Like half of your complaints are literally good things. Yes, people want to be heard and not practically hidden from 90% if they don’t get enough upvotes on their post/comment during the crucial early time frame, as on bigger reddit subs. Lemmy is not a social media platform anyway, its goal is not to facilitate socialisation among the users and it doesn’t need many millions of users to work well.

        • EmperorOfTexas@lemmy.world · 0 · 1 year ago

          I don’t want all of Reddit to come flooding in all at once.

          But one thing I’ve noticed is that the entire Fediverse has a lot of instance-specific stuff going on. It’s really a question of finding the right instance for you. For example, I didn’t particularly like mastodon.social as an instance of Mastodon, but I’ve found other instances where I gel with the userbase well. It’s actually made the experience more pleasant.

          If you’re willing and able, setting up a Lemmy instance for some specific community is actually a good idea. During my holiday break, I’m going to be working on setting up Lemmy for my town and maybe even a club website that I have been assigned control over. .world will suffice in the interim.

  • cbAnon0@lemmy.world · +9 · 1 year ago

    This has been pinned a few days now. Site health was pretty dire with several long outages.

    But subjectively in the last 48 hours things seem to be great. Noticeably responsive and login and activities haven’t missed a beat.

    StatusPage.io still looks very red though… Is the worst now mitigated?

    Thanks to the sterling admins (and friends) for their work on this. Vive la Lemmy.World!

  • fox2263@lemmy.world · +9 / -3 · 1 year ago

    Are you guys using a load balancer at all? How about a tool like CrowdSec?

    I use that and the nginx Bad Bot Blocker to stop malicious shits on the sites I operate (medium-large e-commerce) to great success. We used to get scraped heavily by competitors but now they get the middle finger.

    I presume you have fail2ban too?

    • just_another_person@lemmy.world · +12 · 1 year ago

      • CrowdSec can only monitor and execute ban actions, which doesn’t help with SQL execution attacks. Same with f2b.
      • Blocklists only work for known bad actors, and are usually pretty old or stale. You need to be able to catch and stop new attacks quickly.
      • Looks like lemmy.world is using Cloudflare, so need to block entrance at the network there. CrowdSec could do this, but only after a successful attack was identified, which would have already executed, so doesn’t help.
      • SQL attacks in parallel only need a few good clients to get off a number of parallel requests at a time to lock up a DB. Block them, and the attacker can just get a new source IP and repeat. The fix is to not let those kinds of executions happen.
        • fox2263@lemmy.world · +6 · 1 year ago

        Are bad actors able to access the database to execute queries or is it through the main front end site and accessing API endpoints over and over? Then surely they can be blocked at this point?

          • just_another_person@lemmy.world · +5 · 1 year ago

          These attacks are just through the public API, not malicious SQL-injection attacks. They are just non-optimized queries regular users can execute that will bog down the system enough to make it crawl, at which point intervention is needed to either kill the running slow queries or just restart the DB.

            • fox2263@lemmy.world · +3 / -1 · 1 year ago

            Then surely those routes can be protected with various methods such as CrowdSec? And help mitigate overwhelming the endpoints’ slow process time. Especially if the attacks come from known IPs. Or at least repeat offenders (x requests in 1s from an IP, for example) can get blocked straight away.

            I found a lot of crawlers were using HTTP/1.1 traffic so I just blanket denied anything that wasn’t HTTP/2 at the lowest level. Certainly helped that small menace!

            There has to be a way to stop the pricks

              • just_another_person@lemmy.world · +2 · 1 year ago

              Well…I think you miss the point though. These aren’t dangerous queries which normally need to be protected. They are just normal ways to interact with the server.

              They CAN be exploited by clever people who know how to make them cost a lot of execution time though. Lemmy is open source, so finding those weaknesses is not hard. Patching and keeping things running is way more difficult.

                • fox2263@lemmy.world · +1 / -2 · 1 year ago

                Well yes of course, but the API route should be guarded still, both internally and externally. If it’s like a fetch-all-posts with certain filters and parameters, then it being run over and over, over the space of a few seconds, by thousands of requests takes up execution time on the database. Identifying that is easy, as is preventing it: rate limiting and banning undesirable requests. No normal user will be executing grandiose requests multiple times a second. That’s what constitutes a denial of service.

                Anyway, you do you.

                  • just_another_person@lemmy.world · +3 · 1 year ago

                  Pal, if you have a clever way of discerning the difference between normal and malicious patterns for publicly available endpoints, we are lining up to give you some HJs.
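The rate-limiting idea argued over in the exchange above, as an added example that is not part of this thread and not Lemmy's or Lemmy.World's code: a per-client token bucket that charges each request according to how expensive its endpoint is, so a loop of heavy listing calls runs the bucket dry after a few requests while ordinary browsing is barely throttled. The route names follow Lemmy's API shape, but the per-route cost table, the bucket sizes, the ban threshold and the log lines are all constructed assumptions for this demonstration.

```python
"""Cost-weighted, per-client rate limiting for expensive API endpoints.

Added example to illustrate the thread's discussion, not code from Lemmy
or Lemmy.World. The endpoint cost table, the bucket parameters, the ban
threshold and the log lines are assumptions constructed for the demo.
"""
import re
from datetime import datetime

# Assumed relative cost of one request per route, in arbitrary units.
# In practice these come from measured database time per route
# (e.g. p95 query time), never from a guess about intent.
ENDPOINT_COST = {
    "/api/v3/post/list": 20,      # paginated, sorted listings: heavy
    "/api/v3/search": 25,         # full-text search: heaviest
    "/api/v3/comment/list": 10,
    "/api/v3/post": 1,            # single post by id: cheap
}
DEFAULT_COST = 1

# Common Log Format, as written by nginx/Apache access logs.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one access-log line into (ip, epoch_seconds, route) or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z").timestamp()
    route = m.group("path").split("?", 1)[0]   # query string does not change the cost class
    return m.group("ip"), ts, route


class CostLimiter:
    """Token bucket per client; each request withdraws its route's cost.

    A client may burst up to `capacity` units and regains `refill_rate`
    units per second. Cheap calls are effectively unlimited, expensive
    listings are bounded to a few per burst and refill_rate/cost per second.
    """

    def __init__(self, capacity=60.0, refill_rate=5.0):
        self.capacity = float(capacity)
        self.refill_rate = float(refill_rate)
        self._buckets = {}  # ip -> (tokens, last_seen_ts)

    def allow(self, ip, route, ts):
        tokens, last = self._buckets.get(ip, (self.capacity, ts))
        tokens = min(self.capacity, tokens + max(0.0, ts - last) * self.refill_rate)
        cost = ENDPOINT_COST.get(route, DEFAULT_COST)
        allowed = tokens >= cost
        if allowed:
            tokens -= cost
        self._buckets[ip] = (tokens, ts)
        return allowed


def evaluate(log_lines, limiter=None):
    """Replay log lines through the limiter; return {ip: (allowed, blocked)}."""
    limiter = limiter or CostLimiter()
    stats = {}
    for line in log_lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, route = parsed
        allowed, blocked = stats.get(ip, (0, 0))
        if limiter.allow(ip, route, ts):
            stats[ip] = (allowed + 1, blocked)
        else:
            stats[ip] = (allowed, blocked + 1)
    return stats


def abusive_clients(stats, min_blocked=5):
    """Clients refused at least `min_blocked` times: candidates for a ban."""
    return {ip for ip, (_, blocked) in stats.items() if blocked >= min_blocked}


def _line(ip, second, path):
    # Constructed sample line; every request falls inside one minute.
    return f'{ip} - - [10/Dec/2023:12:00:{second:02d} +0000] "GET {path} HTTP/1.1" 200 4096'


# Constructed sample traffic: an ordinary reader browsing for half a minute,
# and one client firing the heaviest listing route twenty times in two seconds.
SAMPLE_LOG = [
    _line("198.51.100.5", 0, "/api/v3/post/list?sort=Hot&limit=20"),
    _line("198.51.100.5", 5, "/api/v3/post?id=12345"),
    _line("198.51.100.5", 10, "/api/v3/comment/list?post_id=12345"),
    _line("198.51.100.5", 20, "/api/v3/post/list?sort=New&page=2"),
    _line("198.51.100.5", 30, "/api/v3/search?q=lemmy&type_=All"),
] + [
    _line("203.0.113.7", i // 10, "/api/v3/post/list?sort=Active&limit=50")
    for i in range(20)
]

if __name__ == "__main__":
    results = evaluate(SAMPLE_LOG)
    for ip, (ok, blocked) in sorted(results.items()):
        print(f"{ip:15} allowed={ok:2d} blocked={blocked:2d}")
    print("ban candidates:", abusive_clients(results))
```

Replaying the constructed log lets all five of the reader's requests through, while the client issuing twenty listing calls in two seconds gets three served and seventeen refused and is flagged. The limit is keyed on source address, so, as the thread points out, an attacker with many addresses simply rotates them; this only makes each address cheap to exhaust. It also cannot distinguish a hostile heavy call from an honest one, which is why the cost table should reflect measured query time rather than any guess about intent.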

  • orangeNgreen@lemmy.world · +5 · 1 year ago

    Is there any update on the instances that were unintentionally defederated from lemmy.world? I know that one of the fanaticus.social admins was trying to get that sorted out.

    • nyoooom@lemmy.world · +4 · 1 year ago

      Meh, usually a DDoS attack comes from thousands/millions of devices infected by a botnet; those could be routers, connected lightbulbs and such. It’s very hard to trace back unless some big intelligence agency/group starts to investigate.

  • solstice@lemmy.world · +5 / -2 · 1 year ago

    What about that “show context” button in our inboxes? It’s super annoying getting replies and not being able to see what the context was, all I get is that ‘bad gateway’ error or whatever.

  • eek2121@lemmy.world · +2 · 1 year ago

    Have you guys contacted law enforcement? It may surprise you. A startup I worked for had the same issue and contacted the FBI. They were able to quickly (within hours) find the person doing it despite him using VPNs and other tools for OpSec.

  • LemmyLefty@lemmy.world · +2 · 1 year ago

    In all seriousness, we all appreciate your work. These are the growing pains that are to be expected, and your hard work and transparency (and writing it up at a level that even I can understand) is welcome.

  • miles@lemmy.world · +1 · edited · 1 year ago

    a better solution is to decouple the query from individual api requests by adding a caching layer. we’ll get there eventually
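A minimal version of the caching layer suggested in the comment above, as an added example that is not Lemmy's code: a single-flight cache in which one backend execution serves every concurrent identical request, and the result is held for a short TTL so a burst of thousands of identical listing requests costs one query per window. The simulated database, the key layout and the TTL values are assumptions made for the demonstration.

```python
"""Single-flight cache with a short TTL in front of an expensive query.

Added example, not Lemmy's code. The database is simulated; the key layout
and TTL are assumptions chosen for the demonstration.
"""
import threading
import time


class CoalescingCache:
    """One backend execution serves every identical request.

    Concurrent callers with the same key wait for the single in-flight
    computation instead of each running the query, and the result is kept
    for `ttl` seconds, so a burst of identical requests costs one query per
    TTL window rather than one query per request.
    """

    def __init__(self, ttl=2.0):
        self.ttl = ttl
        self._lock = threading.Lock()
        self._values = {}    # key -> (value, expires_at)
        self._inflight = {}  # key -> Event set when the leader finishes

    def get(self, key, compute):
        while True:
            with self._lock:
                hit = self._values.get(key)
                if hit is not None and hit[1] > time.monotonic():
                    return hit[0]
                event = self._inflight.get(key)
                if event is None:
                    event = self._inflight[key] = threading.Event()
                    leader = True
                else:
                    leader = False
            if not leader:
                # Follower: wait for the leader, then re-check the cache.
                # If the leader raised, the next caller through becomes leader.
                event.wait()
                continue
            try:
                value = compute()
                with self._lock:
                    self._values[key] = (value, time.monotonic() + self.ttl)
                return value
            finally:
                with self._lock:
                    self._inflight.pop(key, None)
                event.set()


class FakeDatabase:
    """Stands in for the real database; each listing costs 50 ms of work."""

    def __init__(self):
        self.calls = 0
        self._lock = threading.Lock()

    def post_list(self, viewer, sort, page):
        with self._lock:
            self.calls += 1
        time.sleep(0.05)  # simulated expensive query
        return [f"{sort}-{page}-{i}" for i in range(3)]


def listing_key(viewer, sort, page):
    # The key must carry every input that changes the response. Leaving the
    # viewer out would hand one user's personalised (or private) listing to
    # everyone else asking for the same sort and page.
    return ("post_list", viewer, sort, page)


def simulate_burst(n_clients=200, ttl=2.0):
    """N concurrent identical requests; returns (backend_calls, distinct_results)."""
    db, cache = FakeDatabase(), CoalescingCache(ttl=ttl)
    results = [None] * n_clients

    def client(i):
        results[i] = cache.get(listing_key("anonymous", "Active", 1),
                               lambda: db.post_list("anonymous", "Active", 1))

    threads = [threading.Thread(target=client, args=(i,)) for i in range(n_clients)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return db.calls, len({tuple(r) for r in results})


def simulate_expiry(ttl=0.1):
    """Two identical requests separated by more than the TTL: two queries."""
    db, cache = FakeDatabase(), CoalescingCache(ttl=ttl)
    key = listing_key("anonymous", "Hot", 1)
    cache.get(key, lambda: db.post_list("anonymous", "Hot", 1))
    time.sleep(ttl * 2)
    cache.get(key, lambda: db.post_list("anonymous", "Hot", 1))
    return db.calls


if __name__ == "__main__":
    print("200 identical concurrent requests -> (backend calls, distinct results):",
          simulate_burst())
    print("two requests after the TTL expired -> backend calls:", simulate_expiry())
```

The burst of two hundred concurrent identical requests reaches the simulated database exactly once and every caller receives the same result; after the TTL has lapsed the next request runs the query again. Two caveats matter in practice: the key has to include the viewer for any authenticated or personalised view, or the cache becomes a cross-user data leak, and a cache only collapses identical requests, so an attacker who varies sort, page or filter on every call still needs the rate limiting discussed earlier in the thread.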

  • SloppyPuppy@lemmy.world · +1 · edited · 1 year ago

    I’m a data engineer with 20+ years of experience in SQL and various databases; I do performance tuning on a daily basis. How can I help? Please message me if you think you can use me. I’d be very happy to help where I can!